Novell Home

CVE-2011-1146

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-1146 at MITRE

Description

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 678406

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Software Development Kit 11 SP1
  • libvirt-devel >= 0.7.6-1.21.1
  • xen-devel >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Desktop 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-kmp-pae >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Desktop 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Server 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-doc-html >= 4.0.1_21326_08-0.5.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-kmp-pae >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Server 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-doc-html >= 4.0.1_21326_08-0.5.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
openSUSE 11.3
  • xen-debugsource >= 4.0.1_21326_08-0.7.1
  • xen-kmp-default-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-desktop-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-pae-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-libs-debuginfo >= 4.0.1_21326_08-0.7.1
  • xen-tools-debuginfo >= 4.0.1_21326_08-0.7.1
  • xen-tools-domU-debuginfo >= 4.0.1_21326_08-0.7.1
openSUSE 11.3
  • vm-install >= 0.4.30-0.4.1
  • xen >= 4.0.1_21326_08-0.7.1
  • xen-devel >= 4.0.1_21326_08-0.7.1
  • xen-doc-html >= 4.0.1_21326_08-0.7.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.7.1
  • xen-kmp-default >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-desktop >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-pae >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-libs >= 4.0.1_21326_08-0.7.1
  • xen-tools >= 4.0.1_21326_08-0.7.1
  • xen-tools-domU >= 4.0.1_21326_08-0.7.1
openSUSE 11.2
  • libvirt-debuginfo >= 0.7.2-1.1.5.1
  • libvirt-debugsource >= 0.7.2-1.1.5.1
  • libvirt-python-debuginfo >= 0.7.2-1.1.5.1
openSUSE 11.2
  • libvirt >= 0.7.2-1.1.5.1
  • libvirt-devel >= 0.7.2-1.1.5.1
  • libvirt-doc >= 0.7.2-1.1.5.1
  • libvirt-python >= 0.7.2-1.1.5.1
openSUSE 11.3
  • libvirt-client-debuginfo >= 0.8.1-4.6.2
  • libvirt-debuginfo >= 0.8.1-4.6.2
  • libvirt-debugsource >= 0.8.1-4.6.2
  • libvirt-python-debuginfo >= 0.8.1-4.6.2
openSUSE 11.3
  • libvirt >= 0.8.1-4.6.2
  • libvirt-client >= 0.8.1-4.6.2
  • libvirt-devel >= 0.8.1-4.6.2
  • libvirt-doc >= 0.8.1-4.6.2
  • libvirt-python >= 0.8.1-4.6.2
openSUSE 11.4
  • libvirt >= 0.8.8-0.6.1
  • libvirt-client >= 0.8.8-0.6.1
  • libvirt-devel >= 0.8.8-0.6.1
  • libvirt-doc >= 0.8.8-0.6.1
  • libvirt-python >= 0.8.8-0.6.1
openSUSE 11.4
  • vm-install >= 0.4.30-0.3.1
  • xen >= 4.0.2_02-4.9.2
  • xen-devel >= 4.0.2_02-4.9.2
  • xen-doc-html >= 4.0.2_02-4.9.2
  • xen-doc-pdf >= 4.0.2_02-4.9.2
  • xen-kmp-default >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-desktop >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-pae >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-libs >= 4.0.2_02-4.9.2
  • xen-tools >= 4.0.2_02-4.9.2
  • xen-tools-domU >= 4.0.2_02-4.9.2

© 2014 Novell